Merge branch 'main' into avm99963-monorail
Merged commit cd4b3b336f1f14afa02990fdc2eec5d9467a827e
GitOrigin-RevId: e67bbf185d5538e1472bb42e0abb2a141f88bac1
diff --git a/sitewide/grouplist.py b/sitewide/grouplist.py
index 3adfaa3..57c46e9 100644
--- a/sitewide/grouplist.py
+++ b/sitewide/grouplist.py
@@ -13,7 +13,7 @@
import ezt
-from framework import framework_helpers
+from framework import flaskservlet, framework_helpers
from framework import permissions
from framework import servlet
from framework import urls
@@ -66,6 +66,8 @@
'User is not permitted to delete groups')
remove_groups = [int(g) for g in post_data.getall('remove')]
+ # TODO(crbug.com/monorail/10936): getall in Flask is getlist
+ # remove_groups = [int(g) for g in post_data.getlist('remove')]
if not mr.errors.AnyErrors():
self.services.usergroup.DeleteGroups(mr.cnxn, remove_groups)
@@ -76,3 +78,75 @@
return framework_helpers.FormatAbsoluteURL(
mr, '/g', include_project=False,
saved=1, ts=int(time.time()))
+
+ # def GetGroupList(self, **kwargs):
+ # return self.handler(**kwargs)
+
+ # def PostGroupList(self, **kwargs):
+ # return self.handler(**kwargs)
+
+
+class GroupDelete(flaskservlet.FlaskServlet):
+ """Shows a page with a simple form to create a user group."""
+
+ _PAGE_TEMPLATE = 'sitewide/group-list-page.ezt'
+
+ def AssertBasePermission(self, mr):
+ """Assert that the user has the permissions needed to view this page."""
+ super(GroupDelete, self).AssertBasePermission(mr)
+
+ if not mr.perms.HasPerm(permissions.VIEW_GROUP, None, None):
+ raise permissions.PermissionException(
+ 'User is not allowed to view list of user groups')
+
+ def GatherPageData(self, mr):
+ """Build up a dictionary of data values to use when rendering the page."""
+ group_views = [
+ sitewide_views.GroupView(*groupinfo)
+ for groupinfo in self.services.usergroup.GetAllUserGroupsInfo(mr.cnxn)
+ ]
+ group_views.sort(key=lambda gv: gv.name)
+ offer_group_deletion = mr.perms.CanUsePerm(
+ permissions.DELETE_GROUP, mr.auth.effective_ids, None, [])
+ offer_group_creation = mr.perms.CanUsePerm(
+ permissions.CREATE_GROUP, mr.auth.effective_ids, None, [])
+
+ return {
+ 'form_token':
+ xsrf.GenerateToken(mr.auth.user_id, '%s.do' % urls.GROUP_DELETE),
+ 'groups':
+ group_views,
+ 'offer_group_deletion':
+ ezt.boolean(offer_group_deletion),
+ 'offer_group_creation':
+ ezt.boolean(offer_group_creation),
+ }
+
+ def ProcessFormData(self, mr, post_data):
+ """Process the posted form."""
+ if 'removebtn' in post_data:
+ return self.ProcessDeleteGroups(mr, post_data)
+
+ def ProcessDeleteGroups(self, mr, post_data):
+ """Process request to delete groups."""
+ if not mr.perms.CanUsePerm(permissions.DELETE_GROUP, mr.auth.effective_ids,
+ None, []):
+ raise permissions.PermissionException(
+ 'User is not permitted to delete groups')
+
+ remove_groups = [int(g) for g in post_data.getlist('remove')]
+
+ if not mr.errors.AnyErrors():
+ self.services.usergroup.DeleteGroups(mr.cnxn, remove_groups)
+
+ if mr.errors.AnyErrors():
+ self.PleaseCorrect(mr)
+ else:
+ return framework_helpers.FormatAbsoluteURL(
+ mr, '/g', include_project=False, saved=1, ts=int(time.time()))
+
+ def GetGroupDelete(self, **kwargs):
+ return self.handler(**kwargs)
+
+ def PostGroupDelete(self, **kwargs):
+ return self.handler(**kwargs)